61 lines
2.4 KiB
Plaintext
61 lines
2.4 KiB
Plaintext
$NetBSD: patch-ab,v 1.4 2009/12/11 19:48:21 heinz Exp $
|
|
|
|
--- systems/freebsd/logcheck.sh.orig 1999-10-31 16:07:29.000000000 +0100
|
|
+++ systems/freebsd/logcheck.sh
|
|
@@ -52,7 +52,7 @@ LOGTAIL=/usr/local/bin/logtail
|
|
# You would also be well advised to make sure all your system/cron scripts
|
|
# use this directory for their "scratch" area.
|
|
|
|
-TMPDIR=/usr/local/etc/tmp
|
|
+TMPDIR=@TEMPDIR@
|
|
|
|
# The 'grep' command. This command MUST support the
|
|
# '-i' '-v' and '-f' flags!! The GNU grep does this by default (that's
|
|
@@ -89,7 +89,7 @@ MAIL=mail
|
|
# look for generic ISS probes (who the hell else looks for
|
|
# "WIZ" besides ISS?), and obvious sendmail attacks/probes.
|
|
|
|
-HACKING_FILE=/usr/local/etc/logcheck.hacking
|
|
+HACKING_FILE=@PKG_SYSCONFDIR@/logcheck.hacking
|
|
|
|
# File of security violation patterns to specifically look for.
|
|
# This file should contain keywords of information administrators should
|
|
@@ -98,7 +98,7 @@ HACKING_FILE=/usr/local/etc/logcheck.hac
|
|
# some items, but these will be caught by the next check. Move suspicious
|
|
# items into this file to have them reported regularly.
|
|
|
|
-VIOLATIONS_FILE=/usr/local/etc/logcheck.violations
|
|
+VIOLATIONS_FILE=@PKG_SYSCONFDIR@/logcheck.violations
|
|
|
|
# File that contains more complete sentences that have keywords from
|
|
# the violations file. These keywords are normal and are not cause for
|
|
@@ -115,14 +115,14 @@ VIOLATIONS_FILE=/usr/local/etc/logcheck.
|
|
#
|
|
# Again, be careful what you put in here and DO NOT LEAVE IT EMPTY!
|
|
|
|
-VIOLATIONS_IGNORE_FILE=/usr/local/etc/logcheck.violations.ignore
|
|
+VIOLATIONS_IGNORE_FILE=@PKG_SYSCONFDIR@/logcheck.violations.ignore
|
|
|
|
# This is the name of a file that contains patterns that we should
|
|
# ignore if found in a log file. If you have repeated false alarms
|
|
# or want specific errors ignored, you should put them in here.
|
|
# Once again, be as specific as possible, and go easy on the wildcards
|
|
|
|
-IGNORE_FILE=/usr/local/etc/logcheck.ignore
|
|
+IGNORE_FILE=@PKG_SYSCONFDIR@/logcheck.ignore
|
|
|
|
# The files are reported in the order of hacking, security
|
|
# violations, and unusual system events. Notice that this
|
|
@@ -170,9 +170,10 @@ fi
|
|
#$LOGTAIL /var/log/secure >> $TMPDIR/check.$$
|
|
#$LOGTAIL /var/log/maillog >> $TMPDIR/check.$$
|
|
|
|
-# FreeBSD 2.x
|
|
+# NetBSD
|
|
$LOGTAIL /var/log/messages > $TMPDIR/check.$$
|
|
$LOGTAIL /var/log/maillog >> $TMPDIR/check.$$
|
|
+$LOGTAIL /var/log/authlog >> $TMPDIR/check.$$
|
|
|
|
# BSDI 2.x
|
|
#$LOGTAIL /var/log/messages > $TMPDIR/check.$$
|